Read this Before You Hire Business Continuity Consultants

by | Jun 20, 2017

How do know your company will survive a major data loss? Realistically, how much downtime could the business endure before recovery became next to impossible? What are the exact failsafes you need to implement to avert a total meltdown? If you don’t know the answers to these questions, then it’s probably time to speak to some experienced business continuity consultants ASAP.

Hiring a consultant is a smart move for companies that are new to continuity planning or who are reevaluating their existing strategies. But since there are many types of advisors out there, it’s important to compare your options carefully and find the right fit for your business’s needs.

In this post, we address the biggest reasons to consider BCDR consultants, how to differentiate them and what to look for.

Let’s start with the most obvious question:

Why Use Business Continuity Consultants at All?

Every business faces a disaster at some point, whether it be technology failure, destruction from Mother Nature, malware, or even just Bob in Accounting who accidentally deletes some important spreadsheets. And now more than ever, with threats like ransomware, many companies are bombarded with disaster scenarios on a regular basis.

How you plan for such disasters will ultimately determine two things:

  • How vulnerable your company is
  • How quickly it can recover if/when disaster strikes

Roughly 40 to 60 percent of small businesses do not survive a major disaster, according to statistics from the U.S. Small Business Administration. But a shockingly large number of these closures could be prevented if only they’d implemented the right planning.

The problem is: business continuity is complex. A lot of factors play into a company’s ability to thwart—and recover from—a critical event. Business continuity consultants can make the planning easier. They can provide insight into the company’s unique disaster-planning needs and also help to implement the right safeguards, such as technology, recovery procedures or even employee training.


Finding Answers to Your Toughest BCDR Questions

Business continuity consultants can help provide the answers to your questions about disaster preparedness. Depending on their specialty, a consultancy will help identify the company’s vulnerabilities and create an action plan that reduces risk and speeds up your recovery time.

  • What goes in the business continuity plan BCP?
    Some consultants can help your write your BCP—the foundation of your continuity planning—ensuring that you have a single comprehensive document that outlines the company’s readiness for a disaster.
  • How do we perform a risk assessment?
    A risk assessment is one of the most critical components of BC planning. It identifies the company’s unique risks, prioritized by likelihood. A good consultant can help uncover serious risks that your in-house teams may be overlooking.
  • How do we perform a business impact analysis?
    How does each disaster translate into downtime, revenue loss, costs of idle workers, recovery expenses, impact on future revenue or the impact on brand/customer perception? An expert can help you perform this critical analysis to determine the true impact of each disaster and where the biggest continuity gaps need to be filled.
  • What is our RTO or RPO?
    A recovery time objective (RTO) is the amount of acceptable downtime that a business system or service can experience before the consequences become disastrous. Similarly, a recovery point objective (RPO) is the acceptable maximum duration of data loss after a backup restore. Both figures typically require a series of calculations and the coordination of different departments within your company. An experienced consultant can help you determine these projections.
  • Which technologies are imperative for continuity?
    Data backups, cloud storage, virus/malware software, DDoS protection, redundant communications lines – these are just a few of the many technologies to consider. A BC advisor will assist you in weeding through the numerous options available in each of these areas.
  • Help! What else do we need to know?!
    Peace of mind is invaluable when it comes to business continuity. A consultant can identify the numerous other solutions and procedural steps you may not even be thinking about: training programs, secondary business locations, medical response planning, emergency contact lists, calling trees … the list goes on and on. If you’re just getting started on your BCP, or you’re not confident in your existing recovery planning, then it’s probably a good idea to speak to a consultant.


Type of Consultants

Remember that there are many types of business continuity consultants. For example, some might be technology providers; others can be software providers, continuity plan writers, emergency preparedness agencies, financial firms and so on. Some consultants specialize in one area; others may offer a 360-degree approach. Some consultancies are run by one person firms; others are larger firms with dozens of employees on staff.

Evaluate your options carefully to ensure you’re choosing the appropriate type of service for your company. For example, if you’re already confident in your continuity planning, but you need to upgrade your data protection systems, then you can focus your search specifically on technology providers.

What to Look for

Regardless of what type of expert you’re searching for, you need to make sure you’re dealing with a professional who can help you achieve your company’s specific BCDR objectives.

Here are a few things to look for to ensure it’s a good fit.

  • Experience: This is one of the most important factors affecting the quality of service and guidance you receive. Always confirm how much experience a consultant has. A lack of experience could result in costly mistakes in your BCDR deployments – and you’ll realize it at the worst possible time: when disaster strikes. Stick with professionals who have an extensive track record. A few things to look for:
    • Years in business
    • Number of previous clients
    • How many current active clients
  • Client similarity: Sure, the consultant has 15 years under his belt, but if he only has experience in one industry—different from your own—then it’s probably not a good fit. Look for advisors whose clients look similar to your own company, in terms of:
    • Industry
    • Company size
    • IT infrastructure
    • Continuity objectives
  • Knowledge of new technologies and/or best practices: Business continuity is constantly evolving. New technologies can provide better protection against disasters and virtually eliminate downtime. Your consultants could have a lot of experience, but if they’re recommending outdated systems, then you’re leaving your company at risk. Do your homework; research their recommended implementations and make sure their advice is current before you put it into practice.
  • Ratings, reviews and referrals: Treat your prospective consultant with the same evaluation standards as you would a technology investment or even a job applicant. Take the time to research their history and look for online reviews from previous clients. When possible: reach out to those clients with specific questions. Ask the consultant if they’re willing to provide referrals that you can contact directly. A few things to look for as you evaluate responses from referrals:
    • Whether expectations were met or exceeded
    • Unexpected obstacles
    • How the consultant’s implementations and processes held up during a real disaster situation
  • Initial customer service: You can learn so much about a consultant during those first few weeks when you’re still evaluating their services. If you’re constantly reaching their voicemail and not hearing back, then you should be concerned. A lack of good customer service at this stage—especially at a time when they should be courting you!—is a good sign that things won’t be much better after you hire them. Ask yourself:
    • How responsive are they to your phone calls and emails?
    • How willing are they to visit your company in person?
    • How thoroughly are they answering your questions? Do you feel rushed?
    • Are you dealing directly with the consultant or an assistant?
  • Certification: It’s not critical or required that your BC consultant be certified. However, certification can show that the advisor has made a serious investment in their education, training and skill. DRI International, a well-known provider of BCDR training, says that its certifications “acknowledge an individual’s effort to achieve a professional level of competency in the industry.” If you compared two identical consultants, each with identical experience, but one was certified and one wasn’t, which would you choose?If certification is important to you, consider these additional factors when evaluating your options:
    • Where is the certification from?
    • How reputable is the company that provided the certification?
    • How recent is the certification? Has it been maintained?
  • “Results”: The tricky thing about continuity planning is that, unlike other types of business investments, it’s not always measured in ROI. However, when put to the test, good planning can save businesses a lot of money—and can literally save the business itself. When speaking to prospective consultants, ask for use cases that demonstrate real-world scenarios in which their guidance has led to measurable results, such as:
    • Cost savings
    • Reduced risk
    • Faster recovery
    • Minimized impact from a disaster

Final thoughts on finding a good fit

Sometimes, after you’ve evaluated all the factors above, you’ll need to make a subjective decision based on interactions with the consultant so far. In a nutshell, they need to “gel” with you and your team.

Depending on the services you’ll be needing, you will probably be interacting with the advisor on a regular basis. They’ll need to get to know your operations, your people, your processes. If you’re getting a weird vibe from your prospective consultant, or you fear they won’t be a good fit for the company, then it may be time to look elsewhere.

YOU MIGHT ALSO LIKE:  Eliminate Nightmare Scenarios with a Disaster Recovery Test Plan

Tracy Rock is the Director of Marketing at Invenio IT. Tracy is responsible for all media-related initiatives as well as external communications—including, branding, public relations, promotions, advertising and social media. She is one busy lady and we are lucky to have her!

YOU MIGHT ALSO LIKE:  Know the 8 Critical Disaster Recovery Scenarios to Test